Adaxes

Password Sync two domains

0 votes

Hello @All,

I have a little question about passwords in Adaxes.
I have two domains and I want to sync password from UserA from Domain A to UserA in DomainB, is this possible?

Both domains are managed through Adaxes.

Thanks for every answer :-)
Arne

by (360 points)
0

Hello Arne,

By default, passwords are stored in Active Directory using irreversible encryption, which means that AD stores only hashes of the passwords, but not the actual passwords. For this reason, it is only possible to retrieve a password when it is set via Adaxes. In other words, it is possible to synchronize a password only when it is changed or reset or when a new user account is created using Adaxes.

For this purpose, you can create Business Rules triggered after

  • creating a new user,
  • changing the password of a user,
  • resetting the password of a user.

The Business Rules will automatically update the password for a similar user account in the other domain.

To help you with the actual Business Rules, can you provide more detail on how are users related between each other in both the domains? Do they have the same username? Maybe, the OU structure is similar, and also their Distinguished Name is similar less the domain name? Can you provide as much detail on this as possible?

by (216k points)
0

Hi.

I have the same question. We have two managed domains, with the same sammaccountname on both. What is the exactly configuration/ rule to do the sync using Business Rules? Our intention is to sync every time the users change or reset their passwords through the Adaxes Portal.

Tks!

by (0 points)

1 Answer

0 votes
by (272k points)

Hello,

Have a look at the following script from our repository: https://www.adaxes.com/script-repository/reset-user-password-in-resource-domain-s333.htm.

Related questions

0 votes
1 answer
Information about the expiring account (two domains)

Hi, We have two domains. Users has account in both domain Between these two domains running FIM , which replicates the account attributes, and Adaxes spans both domains. ... notification about expiring domain password only from domain A. How we can achieve it?

asked Apr 2, 2015 by axmaster (510 points)
0 votes
0 answers
Multi forests password sync?

Hello, Does Adaxes plan to integrate a king of password synchronization between forest in future release. This is just the piece that is missing for us :-) Regards.

asked Oct 19, 2016 by tentaal (1.1k points)
0 votes
0 answers
Do I have to create a trust between two domains to manage them with the same Adaxes service?

You do not need to create a trust between AD domains to manage them with an Adaxes service. When registering an AD domain, an account with administrative permissions ... control the user access to the managed resources, the Adaxes service uses Security Roles.

asked Apr 29, 2009 by Adaxes (550 points)
0 votes
1 answer
Sync onprem AD Security Group to M365 Mail Enabled Secuirty Group

Maybe there is a better way to accomplish this, so I'm open to suggestion. We are in a hybrid setup between onprem and M365. When we create a new user, they are ... command in the previous step, right? If needed, I can provide the full script. Thanks!

asked Nov 2, 2023 by AndrewMeyer (20 points)
0 votes
1 answer
Force Azure AD Sync (Start-ADSyncSyncCycle) on a different managed domain

Hi, We would like to run an AD sync (Start-ADSyncSyncCycle -PolicyType Delta) after a new user is created. Unfortunately, it looks like this script only works for servers that ... in any of the domains. What is the recommended way to achieve this? Thanks, Max

asked Sep 7, 2023 by mcutlyp (40 points)
3,346 questions
3,047 answers
7,776 comments
544,976 users